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FIG. 3 



MS SENDS IMSI TO MSC/VLR 



MSC/VLR REQUESTS AUTHENTICATION 
TRIPLET (S) FROM AuC 



AuC COMPUTES ONE OR MORE TRIPLE- 
TS) (RAND, SRES, Kc) AND SENDS THEM 
TO MSC/VLR. 
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MSC/VLR SENDS AUTHENTICATION REQUEST (RAND) 

TOMS 



MS SENDS TO SIM RUN GSM ALGORITHM (RAND) 

REQUEST 



MS SENDS TO SIM GET RESPONSE MESSAGE 



SIM REPLIES WITH RESPONSE (SRES.Kc) 



MS STORES Rc ON SIM BY SENDING TO SIM 
WRITE (Kc) REQUEST 



MS SENDS TO MSC/VLR THE RIL 3-MM 
AUTHENTICATION RESPONSE (SRES) 



MSC/VLR COMPARES SRES RECEIVED FROM 
AUC TO SRES RECEIVED FROM MS 




AUTHENTICATION 
FAILS 



320 



AUTHENTICATION 
SUCCEEDS 
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FIG. 5 



USER VISITS, E.G. WEB SITE OF CONTENT 
PROVIDER. HE CHOOSES A CONTENT ITEM 
AND PAYS FOR IT E.G. BY GIVING HIS CREDIT 
CARD NUMBER OR BY OTHER METHOD 



CONTENT PROVIDER SENDS TO USER 
(CID, RAND). USER COMPUTES SRES. 



360 



USER SENDS SRES TO CONTENT 
PROVIDER. CONTENT PROVIDER STORES 
(CID, RAND, SRES) IN HIS DATABASE 



FIG. 6 



USER SENDS (CID, RAND) TO NETWORK 
OPERATOR 



I 



NETWORK OPERATOR COMPUTES SRES AND 

Kc 



I 



NETWORK OPERATOR SENDS (CID, RAND, SRES) 
TO CONTENT PROVIDER 



CONTENT PROVIDER CHECKS IF 
(CID, RAND, SRES) ARE STORED IN HIS DATABASE 
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, CID, x Mr . 
flAND, SRESV^h 
^STORED?. 



YES 



SEND NEGATIVE 
ACKNOWLEDGEMENT 
TO NETWORK 
OPERATOR 



SEND POSITIVE ACKNOWLEDGEMENT TO 
NETWORK OPERATOR 



I 



NETWORK OPERATOR ENCRYPTS CONTENT 
WITH Kc AND SENDS IT TO USER 



USER DECRYPTS CONTENT AND INSTALLS IT 
ON HIS MOBILE PHONE 



FIG. 7 



USER VISITS, E.G. THE WEB SITE OF CONTENT 
PROVIDER. HE CHOOSES A CONTENT ITEM. 



I 



CONTENT PROVIDER SENDS USER RAND. USER COMPUTES 
(SRES, Kc) AND SENDS SRES TO CONTENT PROVIDER 
TOGETHER WITH HIS MOBILE NETWORK IDENTIFIER 



X 



CONTENT PROVIDER SENDS CID, MOBILE NETWORK 
INDENTIFIER AND (RAND, SRES) TO MOBILE NETWORK 

OPERATOR 



I 



OPERATOR COMPUTES SRES AND Kc FROM 
RAND 
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COMPUTED 

SRES SAME AS 

THE ONE RECEIVED 

FROM CONTENT 

PROVIDER 
? 



NO 



SEND NEGATIVE 
ACKNOWLEDGEMENT 
TO CONTENT 
PROVIDER 



.YES 



CHARGE SUBSCRIBER FOR THE CONTENT. SEND POSITIVE 
ACKNOWLEDGEMENT TO CONTENT PROVIDER. THE 
ACKNOWLEDGEMENT CONTAINS Kc. 



I 



CONTENT PROVIDER SENDS THE CONTENT ENCRYPTED 
WITH Kc TO THE USER 



FIG. 8 



USER VISITS, E.G. THE WEB SITE OF NETWORK 
OPERATOR. HE CHOOSES A CONTENT ITEM WITH 
IDENTIFIER CID. 



NETWORK OPERATOR SENDS THE USER A RANDOM 
NUMBER (RAND). USER REPLIES WITH SRES. 




NETWORK OPERATOR CHARGES THE USER 
FOR CONTENT CID 

NETWORK OPERATOR SENDS (CID, RAND, SRES, Kc) TO 
CONTENT PROVIDER. CONTENT PROVIDER STORES 
CID, RAND, SRES, Kc IN ITS DATABASE 



FIG. 9 



USER VISITS, E.G. THE WEB SITE OF THE CONTENT 
PROVIDER AND SENDS (CID, RAND, E(Kc, SRES)) 
TO THE CONTENT PROVIDER 



CONTENT PROVIDER SEARCHES ITS DATABASE FOR 
AN ENTRY STARTING WITH (CID, RAND). 




CONTENT PROVIDER DECRYPTS (Kc, SRES) 
RECEIVED FROM THE USER 




CONTENT PROVIDER ENCRYPTS THE CONTENT WITH 
Kc AND SENDS IT TO THE USER 



FIG. 10 



USER VISITS, E.G. A WEB SITE OF NETWORK 
OPERATOR. HE CHOOSES A CONTENT ITEM WITH 
AN IDENTIFIER CID. 



NETWORK OPERATOR SENDS USER RAND; 
USER REPLIES WITH SRES 




NETWORK OPERATOR CHARGES THE USER FOR THE 

CONTENT CID 



NETWORK OPERATOR STORES (CID, RAND, SRES, Kc) 
IN ITS DATABASE 



FIG. 1 1 



USER VISITS, E.G. THE WEB SITE OF NETWORK 
OPERATOR AND SENDS TO THE NETWORK OPERATOR 
CID, RAND, E(Kc, SRES) 



NETWORK OPERATOR SEARCHES HIS DATABASE FOR 
AN ENTRY STARTING WITH (CID, RAND,...) 




NETWORK OPERATOR DECRYPTS (Kc, SRES) 




NETWORK OPERATOR ENCRYPTS THE CONTENT 
WITH Kc AND SENDS IT TO THE USER 



FIG. 12 



USER VISITS, E.G. THE WEB SITE OF CONTENT 
PROVIDER. HE CHOOSES SEVERAL CONTENT ITEMS 
AND PAYS FOR THEM BY, E.G. GIVING HIS CREDIT 
CARD NUMER OR BY SOME OTHER WAY 



CONTENT PROVIDER SENDS TO USER SERIAL 
NUMBER OF THE PURCHASE, N, A LIST OF IDEN- 
TIFIERS OF THE CONTENT (CID1 , CID2, CIDn) 
AND A LIST OF RANDOM NUMBERS (RAND1, 
RAND2, .... RANDn) FROM WHICH USER COMPUTES 
THE LIST (SRES1, SRES2,..., SRESn) 



USER SENDS (SRES1, SRES2, SRESn) TO 
CONTENT PROVIDER. CONTENT PROVIDER STORES 
N, (CID1, .... CIDn), (RAND1, .... RANDn), (SRES1, 

SRESn) AND A MASK (M1.M2M Mn) = (1,1 1) IN 

HIS DATABASE 



FIG. 13 



USER WANTS TO DOWNLOAD CONTENT IDENTIFIED BY 
CID2. HE SENDS TO NETWORK OPERATOR N, 
CID2 AND RAND2 



NETWORK OPERATOR COMPUTES SRES2 FROM 

RAND 2 

I 

NETWORK OPERATOR SENDS (N, 2, CID2, RAND2, SRES2) 
TO CONTENT PROVIDER 



CONTENT VENDOR CHECKS IF DATABASE 
ENTRY (N,...) EXISTS. 




CONTENT VENDOR SETS M2=0. SENDS POSITIVE 
ACKNOWLEDGEMENT TO NETWORK OPERATOR 



NETWORK OPERATOR ENCRYPTS THE CONTENT WITH 
Kc AND SENDS IT TO THE USER. USER DECRYPTS THE 
CONTENT AND INSTALLS IT ON HIS MOBILE STATION 
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FIG. 14 
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